Main menu

Post navigation

Unencrypted comm. protocols in diabetes tech: not a feature

Today, when I woke up I found an email in my Inbox from Animas Corporation, the J&J company that makes my insulin pump. The email was in regards to a cybersecurity vulnerability identified in the Animas insulin pump, that under certain fairly extreme circumstances could give a person “unauthorized access to the pump through its unencrypted radio frequency communication system.”

I tweeted about it, and I was a confused with the first response to my tweet (which was merely meant to inform my peers in the #DOC), indicating that the fact that there was an unencrypted communication channel was a feature of the pump. The conversation quickly started taking a different tone: “I think the opportunities of open comm are worth more than the paranoia of pump hacking for evil. #MyTwoCents” I replied with this comment:

A few yrs ago, I may have agreed with you. But in recent years the world has shown us a very ugly face. Balance bet safety & efficacy needed https://t.co/LvfCfzxika

Several hours later, I found my Twitter notifications exploding with replies, RTs and Likes opposing my comment and asking me to “show where this is a legit risk that doesn’t read like a bad Tom Clancy novel“. I quickly realized I was in way over my depth, and Twitter is a terrible place to explain complex things, so I decided to blog about it.

There are many friends in the diabetes community that I have tremendous respect for, and I feel I owe it to them to write this, because I don’t want a series of tweets in any way to be interpreted as lack of support for the way way in which they have contributed to the advancement of things in diabetes technology. Of course, I am talking about the folks behind the #WeAreNotWaiting movement, and the folks at Tidepool.

At the same time, and maybe because I have been in industry since May 2015, I don’t think the only two options are either completely open and unencrypted channels to communicate with insulin pumps OR proprietary and encrypted protocols. Traditional paradigms can lead us to believe that, but we live in a new world, the world I was referring to in my initial tweet, that has shown us a very ugly face in recent years. This is the world that author Joshua Cooper Ramo talks about in his amazing book “The Seventh Sense: Power, Fortune, and Survival in the Age of Networks“. The central idea in the book:

Connection changes the nature of an object…

This notion can be best understood when you consider that incredible connection-enabling tools like Twitter were central to facilitating the Arab Spring, and have recently become a recruiting tool for terrorists. We are not in Kansas any more. This is not about Tom Clancy or science fiction: all it (sadly) takes is to look around us and pay attention at the Presidential Campaign, to remind us of how different a world we live in.

So what will it take to avoid stifling innovation? How to balance it with the mandate to empower AND protect the health and lives of the patients we serve?

We should not defend vulnerabilities: we need to advocate for secure communication protocols that are exposed in a responsible manner (I am not an expert on this topic, but as an optimist it strikes me as doable) to the research and development community. To this end, I like Howard’s idea of an “innovation switch” introduced last month at the NIH-NIDDK Artificial Pancreas Workshop.

This may or may not come from the incumbent companies. It remains to be seen, but when I see what BigFoot is doing (including a crypto-chip in their upcoming pump):

and what Tandem is doing (their t:slim G4 pump exceeds the highest standards as laid out by the Diabetes Technology Society), I feel hopeful about a future where we won’t need to wait five years since a vulnerability on a Medtronic pump was first identified by a hacker with type 1 diabetes like Jay Radcliffe to identify a similar vulnerability with the Animas Ping pump, before action is taken.